Hi all,

I've found a bug in elog. It's all right that uploading an image which file name with special characters. I think it must have something to do with the code like"url_encode(file_enc, sizeof(file_enc));  /* for file names with special characters like "+" */". If I clicked the "Make small/Make larger/Original size/Rotate left/Rotate right" button, the elog server will hang. How it can be fixed? The attached image shows the debug info.

Xuan

Hi again everyone; a Sebastian suggested I use a reverse proxy to complete my need to have logs show up when someone 'lands' on my first entry page. I see that Elog will only start recording logs when someone has actually started to do some work.. like login, read a post, etc... but NOT when they first enter the login page or 'listings' pages. I have tried fowarding from my router (both lighty and Apache) but so for no good. I will also look into  a vhost option and shareing the same port (very difficult- if even possible)  to  solve my dilema.

John :)

Hi,
that Sebastian would be me. I replied to the first entry, as it was a draft (site reloaded incorretly...) and now I can't see the post anywhere. But this is off topic.

We have elog running on port 8000 and forward the traffic via Apache to it. Apache handles the SSL and other sites on the server.
All you need is a apache site configuration like the following. The parameter you want is CustomLog. (Have a look in the internet for options.)
I have also used nginx as webserver and know it can also handle this proxy setup.
If you use the following config, the elog config needs the URL attribute in the (global) config.

Best wishes,
Sebastian

<VirtualHost *:443> # change 443 to  80, if you don't use SSL
        ServerName your.server.name

        # delete the next 3 lines, if you don't use SSL
        SSLEngine on
        SSLCertificateFile /path/to/your/ssl.crt
        SSLCertificateKeyFile /path/to/your/ssl.key

        ProxyPreserveHost On
        ProxyPass / http://127.0.0.1:8000/
        ProxyPassReverse / http://127.0.0.1:8000/

        # Possible values include: debug, info, notice, warn, error, crit, alert, emerg.
        LogLevel warn
        CustomLog ${APACHE_LOG_DIR}/access.log combined
        ErrorLog ${APACHE_LOG_DIR}/error.log

</VirtualHost>

Thank you soo much Sebastian once again for helping me!! This is something that will help me very much in the future with other situations similiar!

John :)

*** edit ***

I solved my problem by removing the guest options from the logbooks ('Guest menu commands' and 'Guest List Menu commands'), this forbids any unauthorised user to see the content of the concerned logbooks. This is what I needed.

***********
 

Dear Stefan,

I am currently configuring elog for a user platform that will run different unrelated experiments for unrelated research groups. As Stefano, I also would like that user only see the logbooks that they are allowed to edit; your answer was

Hiding logbooks from the logbook selection page is not possible since when people bring up that page, they are not yet logged in, so elog does not know who is accessing the page

However if I set Protect Selection page = 1 in [global] and force users to log in before accessing the logbook selection page, wouldn't elog know who looks at the page?

I would like to use top groups to separate administrative tasks from experimental projects and maintain an easy flow between the different logbooks within a top group for those users that can edit more than one logbook (e.g. the employees of the user platform).

Kindly,

marijn

I'm testing the PAM authentication feature, and have a couple questions, a suggestion, and a comment.

First the comment... it was pretty easy to get working, and is exactly what we need here, so thanks! Our PAM stack here is designed to allow logins with Active Directory, LDAP, or local accounts, so the PAM option preserves all of that.

The suggestion: In order to make it work, I had to add a symbolic link in /etc/pam.d:
    elogd -> system-auth
That might be considered for addition to the documentation (this was on Red Hat Enterprise Linux 7.7)

The questions:

1. The docs indicate that "Self register" must be set to >= 1, but in the code (elogd.c, line 26453), if the PAM module is enabled, Self register is overriden to 0. The result is that no "register as new user" link is displayed on the login screen. Is that the intent?
2. Related... can PAM and File authentication both be enabled? We have some logbooks that are used by both internal people (with an A/D account) and outside collaborators that get local elog accounts. This works with LDAP + File, can it work with PAM?

Thanks in advance!

David, thank you for reporting on your findings regarding the PAM feature. I will look into the points you mentioned:

0. On my machines (Debian testing and stable) I did not have to add anything to /etc/pam.d, but apparently Debian just uses implicit defaults then, and REHL might insist on using excplicit settings. Adding a hint in the documentation is certainly useful, thank your for the suggestion. Maybe elog should provide a pam.d config file (which can be installed/adapted by package maintainers for various OSes).

1.+2. If I remember correctly, I intentionally disabled registration when using the PAM backend, because users will register using their passwd/LDAP/NIS users, and new users can only be regustered using the appropriate tools for the authentication mechanism used. This might not be correctly reflected in the docs, I will check that. In the light of question 2., I can also re-investigate that policy, so that logins will check against both the elog user database and PAM. Self-registering can then be enabled again, and new registrees will go to the elog database. I will try to bringthe code in line with how LDAP works.

regards,

Christoph

Attached the shell scripts using awk and sed how I have migrated two separated logbooks into one single and how I re-adjusted certain attributes.